Lucene search

K
cveMitreCVE-2022-47072
HistoryJan 31, 2024 - 9:15 p.m.

CVE-2022-47072

2024-01-3121:15:08
CWE-89
mitre
web.nvd.nist.gov
9
cve-2022-47072
sql injection
enterprise architect
32-bit
find parameter
select classifier dialog box

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.001

Percentile

33.0%

SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box…

Affected configurations

Nvd
Node
sparxsystemsenterprise_architectMatch16.0.1605x86
VendorProductVersionCPE
sparxsystemsenterprise_architect16.0.1605cpe:2.3:a:sparxsystems:enterprise_architect:16.0.1605:*:*:*:*:*:x86:*

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.001

Percentile

33.0%

Related for CVE-2022-47072